TPmail text output.

Mail package TPmail for Unix systems

Language

[eng]  [rus]

Home

Documentation

Support

News

Resources

Contacts

Typical tasks for sendmail and solutions for them on the base of TPmail

Contents

Introduction
1. How to copy mail (all, some abonents).
2. How to forward a some outgoing mail to local mailbox.
3. How to block the outgoing mail to a some domain with its subdomains.
4. How to allow a some user to accept mail only from this IP address.
5. How to allow the users to accept mail only from this IP address (disable all incoming mail exceipt only one external IP address).
6. How to allow a some user to accept mail only from this email address.
7. How to allow some users to accept only a local mail.
8. How to block some users to accept the incoming external mail.
9. How to reject the incoming mail with local administrative accounts, but getting not from out local IP addresses.
10. How to block the incoming mail from external IP addresses with email addresses from our mail domain.
11. How to force the local users to use only the email addresses from our local mail domain.
12. How to set a strong relatioship between the local email address and the local IP address to send outgoing mail by the local users.
13. How to deny a some local user to send the mail outside the local email domain.
14. How to allow a some local user to send a messages only to this external email address.
15. How to limit a local users group with a work (send/receive) only inside the local email domain.
16. How to allow a some user all mail, exceipt this email address.
18. How to block a forged mail with the email addressesÓ gluck@mail.subscribe.ru and namma123456@subscribe.ru.
19. Filter the incoming mail by parameter HELO.
20. How to block a messages with a single header Received: (how to detect that variable is empty).
21. How to overcome with the email addresses scanning (dictionary attack, define(`confBAD_RCPT_THROTTLE',`3')).
22. How to block the email addresses scanning (limit of rejects "User unknown").
23. Last blocking variant the unknown objects from the recipients list of the local domain is exceeded the setting value.
25. How to avoid the double bouncing (define(`confDOUBLE_BOUNCE_ADDRESS', `')).
26. How to block a mail sending to some relay (block by MX-domain of recipient).
27. How to check in RBL-bases IP address of sender and also IP addresses of all relays that found in headers Received:.
28. How to limit a connections number with SMTP port from one IP address and number of open SMTP connections for a time interval.
29. How to block a mail from IP addresses for which direct and reverse DNS checks are mismatched.
30. How to change a recipient's address (add 3 digits before address).
31. Hot spam (November-December of 2006 year).
32. How to force a local users to use the SMTP authentication.

Introduction

Tasks conditions were taken from the site linux.ufaras.ru/sendmail.html(with the courtesy permission of the site author).
The solutions for these tasks on the site are given using the complex rules of sendmail.cf or using the standard config files of sendmail.
We shall try to solve these tasks with a help of the package TPmail.
Generally speaking, any selected task can be solved with a help of the module milter-agent, but we shall try to find the alternative ways.

1. How to copy mail (all, some abonents).

(1) Use mail_archive.sh from module milter-agent.
(2) Use [Address] from module milter-agent.
[Address]
 message_recipient = "user1@mydomain.ru"
add_recipient = "localuser2"

2. How to forward a some outgoing mail to local mailbox.

Use [Address] from module milter-agent.
[Address]
 message_recipient = "user1@foreign.com"
message_forward_recipient = "localuser2"

3. How block the outgoing mail to a some domain with its subdomains.

Use [Filter] from milter milter-connect.
[Filter]
 reject_stage = envrcpt
reject_envfrom = "@localdomain\.ru"
reject_envrcpt = "@(()|.*\.)blockdomain\.ru"
reject_message = "The mail delivery to these domains is prohibited."

4. How allow a some user to accept mail from one IP address.

Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_hostaddr = "10.2.100.234"
accept_envfrom = ".*"
accept_envrcpt = "user1@ourdomain.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = ".*"
reject_envrcpt = "user1@ourdomain.ru"
reject_message = "You cannot get a mail from all world."

5. How to allow the users to accept mail only from this IP address (disable all incoming mail exceipt only one external IP address).

Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_hostaddr = "10.2.100.234"
accept_envfrom = ".*"
accept_envrcpt = "@ourdomain\.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = ".*"
reject_envrcpt = "@ourdomain\.ru"
reject_message = "You cannot get a mail from all world."

6. How to allow a some user to accept mail only from this email address.

Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_envfrom = "user2@foreign.com"
accept_envrcpt = "user1@ourdomain.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = ".*"
reject_envrcpt = "user1@ourdomain.ru"
reject_message = "You cannot get a mail from all world."

7. How to allow some users to accept only a local mail.

Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_envfrom = "@ourdomain\.ru"
accept_envrcpt = "(user1|user2|user3)@ourdomain\.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = ".*"
reject_envrcpt = "(user1|user2|user3)@ourdomain.ru"
reject_message = "You can get only a local mail ."

8. How to block some users to accept the incoming external mail.

This solution is the same as the solution for task 7.
Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_envfrom = "@ourdomain\.ru"
accept_envrcpt = "(user1|user2|user3)@ourdomain\.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = ".*"
reject_envrcpt = "(user1|user2|user3)@ourdomain.ru"
reject_message = "You cannot get a mail from another world."

9. How to reject the incoming mail with local administrative accounts, but getting not from out local IP addresses

(1) Algorithm LMTA is successfully solved a given task.
(2) Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_hostaddr = "192.168.100.1 - 192.168.100.255"
accept_envfrom = "^(root|postmaster|adm|mail-daemon|hostmaster|webmaster)@ourdomain\.ru"
accept_envrcpt = ".*"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = "^(root|postmaster|adm|mail-daemon|hostmaster|webmaster)@ourdomain\.ru"
reject_envrcpt = ".*"
reject_message = "You are used a forged addresses."

10. How to block the incoming mail from external IP addresses with email addresses from our mail domain.

(1) Algorithm LMTA is successfully solved a given task.
(2) Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_hostaddr = "192.168.100.1 - 192.168.100.255"
accept_envfrom = "@ourdomain\.ru"
accept_envrcpt = ".*"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = "@ourdomain\.ru"
reject_envrcpt = ".*"
reject_message = "You are used a forged addresses."

11. How to force the local users to use only the email addresses from our local email domain.

(1) Algorithm LMTA is successfully solved a given task.
(2) Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_hostaddr = "192.168.100.1 - 192.168.100.255"
accept_envfrom = "@ourdomain\.ru"
accept_envrcpt = ".*"
 [Filter]
 reject_stage = envrcpt
reject_hostaddr = "192.168.100.1 - 192.168.100.255"
reject_envfrom = ".*"
reject_envrcpt = ".*"
reject_message = "These e-mail addresses are prohibited."

12. How to set a strong relatioship between the local email address and the local IP address to send outgoing mail by the local users.

(1) Use [UserQuota] from module milter-quota.
[UserQuota]
 quota_user_name = "user1"
quota_user_allowed_send_hostaddr = "192.168.100.1"
 (2) Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_hostaddr = "192.168.100.1"
accept_envfrom = "user1@ourdomain.ru"
accept_envrcpt = ".*"
 [Filter]
 reject_stage = envrcpt
reject_hostaddr = "192.168.100.1 - 192.168.100.255"
reject_envfrom = "user1@ourdomain.ru"
reject_envrcpt = ".*"
reject_message = "You can send a mail only from allowed hosts."

13. How to deny a some local user to send the mail outside the local email domain.

Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_envfrom = "user1@ourdomain.ru"
accept_envrcpt = "@ourdomain\.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = "user1@ourdomain.ru"
reject_envrcpt = ".*"
reject_message = "You are prohibited to send a mail for all world."

14. How to allow a some local user to send a messages only to this external email address.

Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_envfrom = "user1@ourdomain.ru"
accept_envrcpt = "user2@anotherdomain.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = "user1@ourdomain.ru"
reject_envrcpt = ".*"
reject_message = "You are prohibited to send a mail for all world."

15. How to limit a local users group with a work (send/receive) only inside the local email domain.

Use [Filter] from module milter-connect.
Using this solution together with a solution of task 12, it is possible to get a mode of strong relatioship between local user and IP address in local domain.
[Filter]
 accept_stage = envrcpt
accept_hostaddr = "192.168.100.1 - 192.168.100.255"
accept_envfrom = "(user1|user2|user3)@ourdomain.ru"
accept_envrcpt = "@ourdomain\.ru"
 [Filter]
 accept_stage = envrcpt
accept_hostaddr = "192.168.100.1 - 192.168.100.255"
accept_envfrom = "@ourdomain\.ru"
accept_envrcpt = "(user1|user2|user3)@ourdomain.ru"
 [Filter]
 reject_stage = envrcpt
reject_envfrom = "(user1|user2|user3)@ourdomain.ru"
reject_envrcpt = ".*"
reject_message = "You are prohibited to send a mail for all world."
 [Filter]
 reject_stage = envrcpt
reject_envfrom = ".*"
reject_envrcpt = "(user1|user2|user3)@ourdomain.ru"
reject_message = "You are prohibited to receive a mail from all world."

16. How to allow a some user all mail, exceipt this email address.

Use [Filter] from module milter-connect.
[Filter]
 reject_stage = envrcpt
reject_envfrom = "user1@ourdomain.ru"
reject_envrcpt = "user2@anotherdomain.ru"

18. How to block a forged mail with the email addresses gluck@mail.subscribe.ru and namma123456@subscribe.ru.

Algorithm LMTA is successfully solved a given task.

19. Filter the incoming mail by parameter HELO.

Using the algorithm LMTA is made the solution of this task unneccessary.

20. How to block a messages with a single header Received: (how to detect that variable is empty).

(1) Use a script test_received_header.sh from module milter-agent.
(2) Write an own script for module milter-agent.

21. How to overcome with the email addresses scanning (dictionary attack, define(`confBAD_RCPT_THROTTLE',`3')).

Usually, it is unneccessary, because the algorithm LMTA works a very quick and effective.

22. How to block the email addresses scanning (limit of rejects "User unknown").

Usually, it is unneccessary, because the algorithm LMTA works a very quick and effective.

23. Last blocking variant the unknown objects from the recipients list of the local domain is exceeded the setting value.

Usually, it is unneccessary, because the algorithm LMTA works a very quick and effective.

25. How to avoid the double bouncing (define(`confDOUBLE_BOUNCE_ADDRESS', `')).

The task is solved by the sendmail options successfully.

26. How to block a mail sending to some relay (block by MX-domain of recipient).

Usually, it is unneccessary, because the algorithm LMTA works a very quick and effective.

27. How to check in RBL-bases IP address of sender and also IP addresses of all relays that found in headers Received:.

Usually, it is unneccessary, because the algorithm LMTA works a very quick and effective.
But the program test_lmta from module milter-connect can be solved a such task.

28. How to limit a connections number with SMTP port from one IP address and number of open SMTP connections for a time interval.

Use [RateControl] from module milter-quota.

29. How to block a mail from IP addresses for which direct and reverse DNS checks are mismatched.

Usually, it is unneccessary, because the algorithm LMTA works a very quick and effective.

30. How to change a recipient's address (add 3 digits before address).

Use [Address] from module milter-agent.
[Address]
 message_recipient = "user1@ourdomain.ru"
message_forward_recipient = "123user1@ourdomain.ru"

31. Hot spam (November-December of 2006 year).

Write an own script to filter these lines for module milter-agent.

32. How to force a local users to use the SMTP authentication.

Use [Filter] from module milter-connect.
[Filter]
 accept_stage = envrcpt
accept_envfrom = "@ourdomain\.ru"
accept_envrcpt = ".*"
auth_user_credentials = "user1 user2 user3"
auth_nonauth_users_also = 0
 [Filter]
 reject_stage = envrcpt
reject_envfrom = "@ourdomain\.ru"
reject_envrcpt = ".*"
reject_message = "You must be authenticated for this mail server."
auth_user_credentials = ".*"
auth_nonauth_users_also = 1


Valid HTML 3.2! Copyright © 2007 Dmitry Stefankov Last modified: $Date: 2010-01-27 15:31:26+03 $ Powered by FreeBSD. Powered by Apache. Powered by OpenSSL.